[kernel-sec-discuss] r5207 - active retired

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sun Apr 23 10:23:24 UTC 2017 

Author: carnil
Date: 2017-04-23 10:23:24 +0000 (Sun, 23 Apr 2017)
New Revision: 5207

Added:
   retired/CVE-2017-2596
   retired/CVE-2017-8066
   retired/CVE-2017-8071
   retired/CVE-2017-8072
Removed:
   active/CVE-2017-2596
   active/CVE-2017-8066
   active/CVE-2017-8071
   active/CVE-2017-8072
Log:
Retire four CVEs

Deleted: active/CVE-2017-2596
===================================================================
--- active/CVE-2017-2596	2017-04-23 10:16:41 UTC (rev 5206)
+++ active/CVE-2017-2596	2017-04-23 10:23:24 UTC (rev 5207)
@@ -1,15 +0,0 @@
-Description: kvm: page reference leakage in handle_vmon
-References:
- https://www.spinics.net/lists/kvm/msg144319.html
-Notes:
- bwh> Introduced in 3.16 by 3573e22cfeca "KVM: nVMX: additional checks on vmxon
- bwh> region"
-Bugs:
- https://bugzilla.redhat.com/show_bug.cgi?id=1417812
-upstream: released (4.11-rc1) [06ce521af9558814b8606c0476c54497cf83a653]
-4.9-upstream-stable: released (4.9.24) [75465e71ec3139b958d06d48dfc85720aed69b6a]
-3.16-upstream-stable: released (3.16.42) [591fc80b6369a886a1d21cacf11f91b455781df3]
-3.2-upstream-stable: N/A "Vulnerable code not present"
-sid: released (4.9.13-1) [bugfix/x86/kvm-fix-page-struct-leak-in-handle_vmon.patch]
-3.16-jessie-security: released (3.16.39-1+deb8u1) [bugfix/x86/kvm-fix-page-struct-leak-in-handle_vmon.patch]
-3.2-wheezy-security: N/A "Vulnerable code not present"

Deleted: active/CVE-2017-8066
===================================================================
--- active/CVE-2017-8066	2017-04-23 10:16:41 UTC (rev 5206)
+++ active/CVE-2017-8066	2017-04-23 10:23:24 UTC (rev 5207)
@@ -1,11 +0,0 @@
-Description: can: gs_usb: Don't use stack memory for USB transfers
-References:
-Notes:
-Bugs:
-upstream: released (4.11-rc1) [c919a3069c775c1c876bec55e00b2305d5125caa]
-4.9-upstream-stable: released (4.9.14) [cec7abd27e878e3c83dc9af41ee87a2e9d483ac0]
-3.16-upstream-stable: N/A "Vulnerable code introduced in 4.8-rc1 with 05ca5270005c"
-3.2-upstream-stable: N/A "Vulnerable code introduced in 4.8-rc1 with 05ca5270005c"
-sid: released (4.9.16-1)
-3.16-jessie-security: N/A "Vulnerable code not present"
-3.2-wheezy-security: N/A "Vulnerable code not present"

Deleted: active/CVE-2017-8071
===================================================================
--- active/CVE-2017-8071	2017-04-23 10:16:41 UTC (rev 5206)
+++ active/CVE-2017-8071	2017-04-23 10:23:24 UTC (rev 5207)
@@ -1,11 +0,0 @@
-Description: HID: cp2112: fix sleep-while-atomic
-References:
-Notes:
-Bugs:
-upstream: released (4.10-rc7) [7a7b5df84b6b4e5d599c7289526eed96541a0654]
-4.9-upstream-stable: released (4.9.9) [a18c4584a48931e8048508469bcdb53c6082221a]
-3.16-upstream-stable: N/A "Introduced in 4.9-rc7 with 1ffb3c40ffb5"
-3.2-upstream-stable: N/A "Introduced in 4.9-rc7 with 1ffb3c40ffb5"
-sid: released (4.9.10-1)
-3.16-jessie-security: N/A "Vulnerable code not present"
-3.2-wheezy-security: N/A "Vulnerable code not present"

Deleted: active/CVE-2017-8072
===================================================================
--- active/CVE-2017-8072	2017-04-23 10:16:41 UTC (rev 5206)
+++ active/CVE-2017-8072	2017-04-23 10:23:24 UTC (rev 5207)
@@ -1,12 +0,0 @@
-Description: HID: cp2112: fix gpio-callback error handling 
-References:
-Notes:
- Introduced with 4.9-rc7 with 1ffb3c40ffb5
-Bugs:
-upstream: released (4.10-rc7) [8e9faa15469ed7c7467423db4c62aeed3ff4cae3]
-4.9-upstream-stable: released (4.9.9) [7396685a1bca323b96fd79b836ae22b7569d7068]
-3.16-upstream-stable: N/A "Vulnerability introduced with the introduction of VMAP_STACK in 4.9"
-3.2-upstream-stable: N/A "Vulnerability introduced with the introduction of VMAP_STACK in 4.9"
-sid: released (4.9.10-1)
-3.16-jessie-security: N/A "Vulnerability introduced with the introduction of VMAP_STACK in 4.9"
-3.2-wheezy-security: N/A "Vulnerability introduced with the introduction of VMAP_STACK in 4.9"

Copied: retired/CVE-2017-2596 (from rev 5206, active/CVE-2017-2596)
===================================================================
--- retired/CVE-2017-2596	                        (rev 0)
+++ retired/CVE-2017-2596	2017-04-23 10:23:24 UTC (rev 5207)
@@ -0,0 +1,15 @@
+Description: kvm: page reference leakage in handle_vmon
+References:
+ https://www.spinics.net/lists/kvm/msg144319.html
+Notes:
+ bwh> Introduced in 3.16 by 3573e22cfeca "KVM: nVMX: additional checks on vmxon
+ bwh> region"
+Bugs:
+ https://bugzilla.redhat.com/show_bug.cgi?id=1417812
+upstream: released (4.11-rc1) [06ce521af9558814b8606c0476c54497cf83a653]
+4.9-upstream-stable: released (4.9.24) [75465e71ec3139b958d06d48dfc85720aed69b6a]
+3.16-upstream-stable: released (3.16.42) [591fc80b6369a886a1d21cacf11f91b455781df3]
+3.2-upstream-stable: N/A "Vulnerable code not present"
+sid: released (4.9.13-1) [bugfix/x86/kvm-fix-page-struct-leak-in-handle_vmon.patch]
+3.16-jessie-security: released (3.16.39-1+deb8u1) [bugfix/x86/kvm-fix-page-struct-leak-in-handle_vmon.patch]
+3.2-wheezy-security: N/A "Vulnerable code not present"

Copied: retired/CVE-2017-8066 (from rev 5206, active/CVE-2017-8066)
===================================================================
--- retired/CVE-2017-8066	                        (rev 0)
+++ retired/CVE-2017-8066	2017-04-23 10:23:24 UTC (rev 5207)
@@ -0,0 +1,11 @@
+Description: can: gs_usb: Don't use stack memory for USB transfers
+References:
+Notes:
+Bugs:
+upstream: released (4.11-rc1) [c919a3069c775c1c876bec55e00b2305d5125caa]
+4.9-upstream-stable: released (4.9.14) [cec7abd27e878e3c83dc9af41ee87a2e9d483ac0]
+3.16-upstream-stable: N/A "Vulnerable code introduced in 4.8-rc1 with 05ca5270005c"
+3.2-upstream-stable: N/A "Vulnerable code introduced in 4.8-rc1 with 05ca5270005c"
+sid: released (4.9.16-1)
+3.16-jessie-security: N/A "Vulnerable code not present"
+3.2-wheezy-security: N/A "Vulnerable code not present"

Copied: retired/CVE-2017-8071 (from rev 5206, active/CVE-2017-8071)
===================================================================
--- retired/CVE-2017-8071	                        (rev 0)
+++ retired/CVE-2017-8071	2017-04-23 10:23:24 UTC (rev 5207)
@@ -0,0 +1,11 @@
+Description: HID: cp2112: fix sleep-while-atomic
+References:
+Notes:
+Bugs:
+upstream: released (4.10-rc7) [7a7b5df84b6b4e5d599c7289526eed96541a0654]
+4.9-upstream-stable: released (4.9.9) [a18c4584a48931e8048508469bcdb53c6082221a]
+3.16-upstream-stable: N/A "Introduced in 4.9-rc7 with 1ffb3c40ffb5"
+3.2-upstream-stable: N/A "Introduced in 4.9-rc7 with 1ffb3c40ffb5"
+sid: released (4.9.10-1)
+3.16-jessie-security: N/A "Vulnerable code not present"
+3.2-wheezy-security: N/A "Vulnerable code not present"

Copied: retired/CVE-2017-8072 (from rev 5206, active/CVE-2017-8072)
===================================================================
--- retired/CVE-2017-8072	                        (rev 0)
+++ retired/CVE-2017-8072	2017-04-23 10:23:24 UTC (rev 5207)
@@ -0,0 +1,12 @@
+Description: HID: cp2112: fix gpio-callback error handling 
+References:
+Notes:
+ Introduced with 4.9-rc7 with 1ffb3c40ffb5
+Bugs:
+upstream: released (4.10-rc7) [8e9faa15469ed7c7467423db4c62aeed3ff4cae3]
+4.9-upstream-stable: released (4.9.9) [7396685a1bca323b96fd79b836ae22b7569d7068]
+3.16-upstream-stable: N/A "Vulnerability introduced with the introduction of VMAP_STACK in 4.9"
+3.2-upstream-stable: N/A "Vulnerability introduced with the introduction of VMAP_STACK in 4.9"
+sid: released (4.9.10-1)
+3.16-jessie-security: N/A "Vulnerability introduced with the introduction of VMAP_STACK in 4.9"
+3.2-wheezy-security: N/A "Vulnerability introduced with the introduction of VMAP_STACK in 4.9"

More information about the kernel-sec-discuss mailing list